Twitter OAuth返回“不正确的签名”。请帮忙

I've been looking at this for the last couple of hours. I've tried googling the problem and tried several edits but to no avail. I'm sure everything here is right but I'm still getting errors. Can someone whose worked with twitter Oauth please take a look at my code and see whats wrong.

<?php


$oauth_consumer_key = "OKuMtqCnndfee3sw";   //scrambled
$oauth_consumer_secret = "Gs2hOY9drerfdsfiOF76Yeyf9aTjYzPH5Z3eMU";   // scrambled
$oauth_nonce = sha1(time());
$oauth_signature_method = "HMAC-SHA1";
$oauth_timestamp = time();

$oauth_version = "1.0";
$oauth_token = "50005779-NSp6lP5DVLoWMh34dfdsBb2FnHf9DIcpu";  // scrambled
$token_secret = "ha0tS9SyldDdfeefw";   // scrambled
$status = "testing";

$baseString = "oauth_consumer_key=" . rawurlencode($oauth_consumer_key) . "&oauth_nonce=" . rawurlencode($oauth_nonce) . "&oauth_signature_method=" . rawurlencode($oauth_signature_method) . "&oauth_timestamp=" . rawurlencode($oauth_timestamp) . "&oauth_token=" . rawurlencode($oauth_token) . "&oauth_version=" . rawurlencode($oauth_version) . "&status=" . rawurlencode($status);

$baseString = "POST&" . rawurlencode("https://api.twitter.com/1/statuses/update.json") . "&" . rawurlencode($baseString);


$signing_key = rawurlencode($oauth_consumer_secret) . "&" . rawurlencode($token_secret);

$signature = base64_encode(hash_hmac('sha1', $a, $signing_key, true));

$auth = "OAuth oauth_nonce=\"" . $oauth_nonce . "\",oauth_signature_method=\"" . $oauth_signature_method . "\",oauth_timestamp=\"" . $oauth_timestamp . "\",oauth_consumer_key=\"" . $oauth_consumer_key . "\",oauth_token=\"" . rawurlencode($oauth_token) . "\",oauth_signature=\"" . rawurlencode($signature) ."\",oauth_version=\"" . $oauth_version . "\"";

$ch = curl_init("https://api.twitter.com/1/statuses/update.json");

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Expect: ", "Authorization: $auth"));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $baseString);

$b = curl_exec($ch);
var_dump($b);

curl_close($ch);
?>

Any help would be greatly appreciated. Thank you.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

douwengzao5790 2010-08-18 23:20

关注

It looks like you're not following the OAuth Authentication Flow (unless this is just the end where the user has already authenticated). I've been working with OAuth for a bit these past few weeks and had a lot of trouble. Just got it working last night using just the OAuth PHP Library they provide on their website. You can find it here -> http://oauth.googlecode.com/svn/code/php/OAuth.php

This is what I have developed from that (full workflow):

Authenticate Page:

$oauth_signature_method = new OAuthSignatureMethod_HMAC_SHA1();
$oauth_consumer_key = new OAuthConsumer( "your_twitter_consumer_key", "your_twitter_consumer_secret" );
$oauth_token = NULL;

$request_token = OAuthRequest::from_consumer_and_token( $oauth_consumer_key, $oauth_token, 'GET', "https://api.twitter.com/oauth/request_token", array('oauth_callback' => "http://your/callback/url/")) );
$request_token->sign_request( $oauth_signature_method, $oauth_consumer_key, $oauth_token );

$curl_handle = curl_init();
curl_setopt($curl_handle, CURLOPT_URL, $request_token->to_url());
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, TRUE);
$response = curl_exec($curl_handle);
curl_close($curl_handle);

$token = OAuthUtil::parse_parameters($response);
$_SESSION['oauth_token'] = $token['oauth_token'];
$_SESSION['oauth_token_secret'] = $token['oauth_token_secret'];

header('Location: https://api.twitter.com/oauth/authorize?oauth_token=' . $token['oauth_token']);

Callback Page:

$oauth_signature_method = new OAuthSignatureMethod_HMAC_SHA1();
$oauth_consumer_key = new OAuthConsumer( "your_twitter_consumer_key", "your_twitter_consumer_secret" );
$oauth_token = new OAuthConsumer( $_SESSION['oauth_token'], $_SESSION['oauth_token_secret'] );

$access_token = OAuthRequest::from_consumer_and_token( $oauth_consumer_key, $oauth_token, 'GET', "https://api.twitter.com/oauth/access_token", array('oauth_verifier' => $_REQUEST['oauth_verifier']) );
$access_token->sign_request( $oauth_signature_method, $oauth_consumer_key, $oauth_token );

$curl_handle = curl_init();
curl_setopt($curl_handle, CURLOPT_URL, $access_token->to_url());
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, TRUE);
$response = curl_exec($curl_handle);
curl_close($curl_handle);

$token = OAuthUtil::parse_parameters($response);
$_SESSION['access_token'] = $token;

unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);

// user has been verified. Token is stored in $_SESSION. Now you can make calls to the api
header('Location: http://your/completion/page');

Calling /account/verify_credentials:

$access_token = $_SESSION['access_token'];

$oauth_signature_method = new OAuthSignatureMethod_HMAC_SHA1();
$oauth_consumer_key = new OAuthConsumer( "your_twitter_consumer_key", "your_twitter_consumer_secret" );
$oauth_token = new OAuthConsumer( $access_token['oauth_token'], $access_token['oauth_token_secret'] );

$request = OAuthRequest::from_consumer_and_token( $oauth_consumer_key, $oauth_token, 'GET', 'https://api.twitter.com/account/verify_credentials.json', NULL );
$request->sign_request( $oauth_signature_method, $oauth_consumer_key, $oauth_token );

$curl_handle = curl_init();
curl_setopt($curl_handle, CURLOPT_URL, $request->to_url());
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, TRUE);
$response = curl_exec($curl_handle);
curl_close($curl_handle);

$response = json_decode($response);
print_r($response);

I also created a test status update page with this code:

$access_token = $_SESSION['access_token'];

$oauth_signature_method = new OAuthSignatureMethod_HMAC_SHA1();
$oauth_consumer_key = new OAuthConsumer( "your_twitter_consumer_key", "your_twitter_consumer_secret" );
$oauth_token = new OAuthConsumer( $access_token['oauth_token'], $access_token['oauth_token_secret'] );

$post_fields = array(
    'status' => "This is a test status update."
);
$request = OAuthRequest::from_consumer_and_token( $oauth_consumer_key, $oauth_token, 'POST', 'https://api.twitter.com/statuses/update.json', $post_fields );
$request->sign_request( $oauth_signature_method, $oauth_consumer_key, $oauth_token );

$curl_handle = curl_init();
curl_setopt($curl_handle, CURLOPT_URL, $request->to_url());
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl_handle, CURLOPT_USERAGENT, "Twitter OAuth Test");
curl_setopt($curl_handle, CURLOPT_HTTPHEADER, array('Expect:'));

curl_setopt($curl_handle, CURLOPT_POST, TRUE);
curl_setopt($curl_handle, CURLOPT_POSTFIELDS, $post_fields);

$response = curl_exec($curl_handle);
print_r(curl_getinfo($curl_handle));
curl_close($curl_handle);

$response = json_decode($response);
print_r($response);

That's the complete Twitter OAuth Authentication. I hope this helps you or at least gets you started!

本回答被题主选为最佳回答 , 对您是否有帮助呢?

报告相同问题？

关注问题

Twitter OAuth返回“不正确的签名”。请帮忙 php twitter
2010-08-18 21:38

回答 1 已采纳 It looks like you're not following the OAuth Authentication Flow (unless this is just the end wher
Twitter API和获取用户信息PHP php twitter
2018-05-11 23:19

回答 1 已采纳 What you need in order to maintain access to user information on behalf of them is the generated o
PHP Oauth 1.0提供程序，签名不匹配 php
2014-12-03 10:30

回答 1 已采纳 I finally managed to solve it, my .htaccess file had a rewrite rule that was processing a _url par
QOAuth1使用和Twitter签名API
2022-07-18 21:22

冰宁秋叶四飘的博客上述函数，用于登录，使用cef浏览器登录，中途会因为开发者之前再twitter的设置中，跳转到指定的网页,识别验证网页是我设置的url，那就结束，再网页的地址中，可以解析到返回的token密钥对，用户ID等。目前使用的是...
无法使用PHP base64_encode获取Twitter的OAuth签名 php twitter
2013-03-25 01:08

回答 1 已采纳 I was getting the correct hashed value in hexidecimal characters, but I needed them in raw binary
Twitter OAuth无法检索访问令牌 php twitter
2015-03-24 23:01

回答 1 已采纳 As it turns out my particular issue was caused by sessions and the callback url. I was accessing
什么PHP Twitter OAuth库可用？我应该使用哪一个？ php twitter
2011-12-14 15:46

回答 2 已采纳 I've used Abraham's TwitterOAuth library and find it to be quite good. It comes with some good wor
twitter授权登录 php,PHP版实现Twitter第三方登录的成功案例
2021-04-24 19:57

Ai2clear的博客 QQ、微信、Fackbook等第三方登录使用OAuth2.0，随便找一些文档跟着做很快实现，没什么难度。等轮到Twitter时候，如果你也...不管Twitter为什么仍然使用OAuth1.0，也不争论哪个更加安全，在这只单纯说一下我踩过的坑...
Twitter OAuth识别 php twitter
2011-02-16 14:26

回答 6 已采纳 Send users to https://api.twitter.com/oauth/authenticate instead of https://api.twitter.com/oauth/
php twitter发布消息与oauth php twitter
2011-02-25 15:17

回答 3 已采纳 https://github.com/abraham/twitteroauth uses the new oauth authentication
使用Twitter oAuth安全登录 - 最佳实践 php twitter
2010-07-27 21:40

回答 1 已采纳 Without knowing exactly what your client/consumer application is doing, it is hard to tell whether
oauth-subscriber:使用OAuth 1.0（Guzzle 6+）签署Guzzle请求
2021-05-04 10:52

使用使用者密钥，使用者密钥，OAuth令牌和OAuth密钥对请求进行签名。此版本仅适用于Guzzle 6.0及更高版本！正在安装可以使用Composer安装该项目。将以下内容添加到您的composer.json中： { "require" : { "guzzle...
Twitter OAuth使用相同的代码在不同的域上失败签名验证 php twitter
2010-01-26 13:19

回答 1 已采纳 http://groups.google.com/group/twitter-development-talk/browse_thread/thread/aadee92bc5c34f29?pli=
twitter php_twitter 之服务端验证【php】
2021-03-23 08:13

黄沙边疆博功名的博客贴一下我们代码吧$token = "'; //，token和token_secret 是1对的，由客户端... //这个就不说明了,相当于appid吧$consumerkeySecret=""; //这个就不说明了$time = time();$oauth_consumer_key = $consumerkey;$oauth...
PHP版实现Twitter第三方登录的成功案例
2018-04-20 11:38

love2377的博客 QQ、微信、Fackbook等第三方登录使用OAuth2.0，随便找一些文档跟着做很快实现，没什么难度。等轮到Twitter时候，如果你也这样想，...不管Twitter为什么仍然使用OAuth1.0，也不争论哪个更加安全，在这只单纯说一下我...
没有解决我的问题, 去提问

悬赏问题

¥15 素材场景中光线烘焙后灯光失效
¥15 请教一下各位，为什么我这个没有实现模拟点击
¥15 执行 virtuoso 命令后，界面没有，cadence 启动不起来
¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
¥20 有关区间dp的问题求解
¥15 多电路系统共用电源的串扰问题
¥15 slam rangenet++配置
¥15 有没有研究水声通信方面的帮我改俩matlab代码
¥15 ubuntu子系统密码忘记
¥15 保护模式-系统加载-段寄存器

码龄粉丝数原力等级 --

Twitter OAuth返回“不正确的签名”。请帮忙

1条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

Twitter OAuth返回“不正确的签名”。 请帮忙

1条回答 默认 最新

悬赏问题

Twitter OAuth返回“不正确的签名”。请帮忙

1条回答默认最新